Lucene search
WpvulndbWPVDB-ID:01188996-67D1-4EED-9D85-5A16AE8AD1A0HistoryMar 20, 2024 - 12:00 a.m.
Premmerce Permalink Manager for WooCommerce < 2.3.11 - Unauthenticated Local File Inclusion
2024-03-2000:00:00
wpscan.com
9
premmerce permalink manager
woocommerce
vulnerable
local file inclusion
unauthenticated
arbitrary files
php code
server security
Description The Premmerce Permalink Manager for WooCommerce plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 2.3.10. This makes it possible for unauthenticated attackers to include and execute arbitrary files on the server, allowing the execution of any PHP code in those files. This can be used to bypass access controls, obtain sensitive data, or achieve code execution in cases where images and other “safe” file types can be uploaded and included.
| CPE | Name | Operator | Version |
|---|---|---|---|
| eq | 2.3.11 |
Related
cve
cve
CVE-2024-27971
2024-05-17 09:15:27
cvelist
cvelist
githubexploit
githubexploit
Exploit for CVE-2024-27971
2024-05-03 13:38:33
nvd
nvd
CVE-2024-27971
2024-05-17 09:15:27
vulnrichment
vulnrichment
wordfence
wordfence
8.2 High
AI Score
Confidence
Low
0.0004 Low
EPSS
Percentile
10.5%
Related for WPVDB-ID:01188996-67D1-4EED-9D85-5A16AE8AD1A0